Environment:Protectai Modelscan TensorFlow Optional
| Knowledge Sources | |
|---|---|
| Domains | Infrastructure, Security, Deep_Learning |
| Last Updated | 2026-02-14 12:00 GMT |
Overview
Optional TensorFlow >= 2.17 dependency required for scanning SavedModel (.pb) and Keras (.keras) model formats.
Description
This environment extends the core ModelScan runtime with TensorFlow support. When TensorFlow is installed, ModelScan can scan TensorFlow SavedModel protobuf files for unsafe operators and Keras metadata files for Lambda layers containing arbitrary code. Without TensorFlow, these scanners gracefully degrade by returning a `DependencyError` instead of crashing.
The TensorFlow dependency is declared as an optional extra in `pyproject.toml` and is conditionally imported at scanner module load time using a `try/except ImportError` pattern.
Usage
Use this environment when scanning TensorFlow SavedModel (`.pb` files) or Keras (`.keras` files) model formats. If you only need to scan pickle, PyTorch, or NumPy formats, this environment is not required.
System Requirements
| Category | Requirement | Notes |
|---|---|---|
| OS | Linux, macOS | TensorFlow has limited Windows support |
| Hardware | Standard CPU | GPU not required for scanning (static analysis only) |
| Disk | ~1GB | TensorFlow package is large |
Dependencies
System Packages
- No additional system packages beyond those for the core runtime
Python Packages
- All core runtime dependencies (see Environment:Protectai_Modelscan_Python_Core_Runtime)
- `tensorflow` >= 2.17
Credentials
No additional credentials required.
Quick Install
# Install modelscan with TensorFlow extras
pip install 'modelscan[tensorflow]'
# Or install TensorFlow separately
pip install tensorflow>=2.17
Code Evidence
Optional dependency declaration in `pyproject.toml:24-28`:
# TODO: Add py3.12 once TF release supports
tensorflow = { version = "^2.17", optional = true }
[tool.poetry.extras]
tensorflow = ["tensorflow"]
Conditional import with graceful fallback from `scanners/saved_model/scan.py:8-15`:
try:
import tensorflow
from tensorflow.core.protobuf.saved_model_pb2 import SavedModel
from tensorflow.python.keras.protobuf.saved_metadata_pb2 import SavedMetadata
tensorflow_installed = True
except ImportError:
tensorflow_installed = False
Dependency check returning error instead of crash from `scanners/saved_model/scan.py:40-52`:
dep_error = self.handle_binary_dependencies()
if dep_error:
return ScanResults(
[],
[
DependencyError(
self.name(),
f"To use {self.full_name()}, please install modelscan with tensorflow extras. "
"`pip install 'modelscan[ tensorflow ]'` if you are using pip.",
model,
)
],
[],
)
TensorFlow operator enumeration from `scanners/saved_model/scan.py:70-71`:
all_operators = (
tensorflow.raw_ops.__dict__.keys() if tensorflow_installed else []
)
Common Errors
| Error Message | Cause | Solution |
|---|---|---|
| `DEPENDENCY` error: "To use modelscan.scanners.SavedModelScan, please install modelscan with tensorflow extras." | TensorFlow not installed | `pip install 'modelscan[tensorflow]'` |
| `DEPENDENCY` error: "To use modelscan.scanners.KerasLambdaDetectScan, please install modelscan with tensorflow extras." | TensorFlow not installed for .keras scanning | `pip install 'modelscan[tensorflow]'` |
| `ImportError` for `tensorflow.python.keras.protobuf` | TensorFlow version too old | Upgrade to `tensorflow>=2.17` |
Compatibility Notes
- Python 3.12: TensorFlow support may be limited. The `pyproject.toml` contains `# TODO: Add py3.12 once TF release supports` indicating known compatibility gaps.
- Keras .keras format: Requires TensorFlow for the `SavedModelLambdaDetectScan` base class, even though `.keras` files are zip-based JSON configs.
- Keras H5 format: Uses TensorFlow indirectly via `SavedModelLambdaDetectScan` parent class, but primarily depends on h5py (see Environment:Protectai_Modelscan_H5py_Optional).
- Test environment: Tests require `TF_USE_LEGACY_KERAS=1` environment variable and `tf-keras>=2.20.1`.